All CORS rejections reported to server logs

[tsegismont]

Currently, all CORS rejections are reported to the server logs.

This is an excerpt of the Vert.x starter logs.

Oct 14 07:32:54 vertx java[535818]: 07:32:54.716 [vert.x-eventloop-thread-0] ERROR io.vertx.ext.web.RoutingContext - Unhandled exception in router
Oct 14 07:32:54 vertx java[535818]: java.lang.IllegalStateException: CORS Rejected - Invalid origin
Oct 14 07:32:54 vertx java[535818]:         at io.vertx.ext.web.handler.impl.CorsHandlerImpl.handle(CorsHandlerImpl.java:252) ~[vertx-starter-latest-fat.jar:?]
Oct 14 07:32:54 vertx java[535818]:         at io.vertx.ext.web.handler.impl.CorsHandlerImpl.handle(CorsHandlerImpl.java:41) ~[vertx-starter-latest-fat.jar:?]

There is a lot of log entries like this one.

Of course, one can set the log level to FATAL for this category. But given these rejections are expected and there is no action the user shall take, we could try to avoid logging altogether (or at least lower to DEBUG level)

[tsegismont]

@pmlopes it seems this comes from https://github.com/vert-x3/vertx-web/pull/1857

How about replacing the context failure with exception by trace-level logs? Like this:

      context
        .response()
        .setStatusMessage("CORS Rejected - Invalid origin");
      LOG.trace("CORS Rejected - Invalid origin");
      context.fail(403);

Instead of:

      context
        .response()
        .setStatusMessage("CORS Rejected - Invalid origin");
      context
        .fail(403, new IllegalStateException("CORS Rejected - Invalid origin"));

[tsegismont]

By the way, invoking context#fail even without a message or exception leads to Unhandled exception in router printed in the logs.

I'm curious why we can't send the response directly. I assumed the next handlers wouldn't be called anyway.

[tsegismont]

Closed by a3c19078a